handle org and update serverless

Author: mathieudutour

.gitignore

@@ -3,4 +3,8 @@ node_modules
 jspm_packages
 
 # Serverless directories
-.serverless
+.serverless
+
+# secrets
+config.dev.yml
+config.production.yml

README.md

@@ -0,0 +1,30 @@
+### Secrets
+
+Create 2 files called `config.dev.yml` and `config.production.yml` containing
+
+```yml
+GITHUB_HOST: github.com
+GITHUB_PORT: 443
+GITHUB_PATH: /login/oauth/access_token
+GITHUB_METHOD: POST
+
+GITHUB_CLIENT_ID: XXXXXXX
+GITHUB_CLIENT_SECRET: XXXXXXX
+
+STRIPE_SECRET: XXXXXX
+STRIPE_ENDPOINT_SECRET: XXXXXX
+```
+
+### ORGS
+
+1. user login with github on the web
+2. if already part of 1 org -> skip
+   else if already part of multiple orgs
+     if admin of 1 org -> show this one
+     else show an org picker
+   else pay with stripe -> create a valid org with the user as an admin
+3. if the user is not the admin of the org -> only display the members without possibility to do anything
+   else show a dashboard to add/promote/remove members and a button to pay again if the org is not valid anymore
+
+Adding a member adds a subscription item
+Removing a member remove the subscription item

api/_handleError.js

@@ -0,0 +1,40 @@
+const makeCallback = require('./_makeCallback')
+
+module.exports = callback => err => {
+  console.error(err)
+  if (!err.type) {
+    makeCallback(callback, err.message, 500)
+    return
+  }
+  switch (err.type) {
+    case 'StripeCardError':
+      // A declined card error
+      const message = err.message // => e.g. "Your card's expiration year is invalid."
+      makeCallback(callback, message, 400)
+      break
+    case 'RateLimitError':
+      // Too many requests made to the API too quickly
+      makeCallback(callback, 'Server is a bit overloaded, try again in a bit', 503)
+      break
+    case 'StripeInvalidRequestError':
+      // Invalid parameters were supplied to Stripe's API
+      makeCallback(callback, 'Bad request', 400)
+      break
+    case 'StripeAPIError':
+      // An error occurred internally with Stripe's API
+      makeCallback(callback, 'Stripe failed, sorry about that', 500)
+      break
+    case 'StripeConnectionError':
+      // Some kind of error occurred during the HTTPS communication
+      makeCallback(callback, 'Stripe is down, sorry about that', 500)
+      break
+    case 'StripeAuthenticationError':
+      // You probably used an incorrect API key
+      makeCallback(callback, 'How did that happen!?', 500)
+      break
+    default:
+      // Handle any other types of unexpected errors
+      makeCallback(callback, err.message, 500)
+      break
+  }
+}

api/_makeCallback.js

@@ -0,0 +1,21 @@
+module.exports = function (callback, body, status) {
+  try {
+    callback(null, {
+      statusCode: status || 200,
+      headers: {
+        'Access-Control-Allow-Origin': '*', // Required for CORS support to work
+        'Access-Control-Allow-Credentials': true // Required for cookies, authorization headers with HTTPS
+      },
+      body: JSON.stringify(body)
+    })
+  } catch (err) {
+    callback(null, {
+      statusCode: 500,
+      headers: {
+        'Access-Control-Allow-Origin': '*', // Required for CORS support to work
+        'Access-Control-Allow-Credentials': true // Required for cookies, authorization headers with HTTPS
+      },
+      body: err.message
+    })
+  }
+}

api/checkUnlocked.js

@@ -1,8 +1,9 @@
 const stripe = require('stripe')(process.env.STRIPE_SECRET)
+const makeCallback = require('./_makeCallback')
 
 module.exports.handler = (event, context, callback) => {
-  const coupon = decodeURIComponent(event.path.coupon)
-  const requestId = parseInt(event.query.requestId)
+  const coupon = decodeURIComponent(event.pathParameters.coupon)
+  const requestId = parseInt(event.queryStringParameters.requestId)
 
   return stripe.coupons.retrieve(coupon)
     .then(coupon => {
@@ -16,7 +17,7 @@ module.exports.handler = (event, context, callback) => {
             ? (' for ' + coupon.duration_in_months + ' month' +
               (coupon.duration_in_months > 1 ? 's' : ''))
             : '')
-        return callback(null, {
+        return makeCallback(callback, {
           ok: true,
           percent_off: coupon.percent_off,
           amount_off: coupon.amount_off,
@@ -26,7 +27,7 @@ module.exports.handler = (event, context, callback) => {
           requestId: requestId
         })
       } else {
-        return callback(null, {
+        return makeCallback(callback, {
           ok: true,
           error: 'Coupon not valid anymore',
           requestId: requestId
@@ -35,7 +36,7 @@ module.exports.handler = (event, context, callback) => {
     })
     .catch((err) => {
       console.error(err)
-      return callback(null, {
+      return makeCallback(callback, {
         ok: true,
         error: 'Coupon not found',
         requestId: requestId

api/coupon.js

@@ -0,0 +1,74 @@
+var https = require('https')
+var qs = require('querystring')
+var axios = require('axios')
+const storage = require('../storage')()
+const makeCallback = require('./_makeCallback')
+
+function authenticate (code, cb) {
+  var data = qs.stringify({
+    client_id: process.env.GITHUB_CLIENT_ID,
+    client_secret: process.env.GITHUB_CLIENT_SECRET,
+    code: code
+  })
+
+  var reqOptions = {
+    host: process.env.GITHUB_HOST,
+    port: process.env.GITHUB_PORT || 443,
+    path: process.env.GITHUB_PATH,
+    method: process.env.GITHUB_METHOD || 'POST',
+    headers: { 'content-length': data.length }
+  }
+
+  var body = ''
+  var req = https.request(reqOptions, (res) => {
+    res.setEncoding('utf8')
+    res.on('data', (chunk) => {
+      body += chunk
+    })
+    res.on('end', () => {
+      var token = qs.parse(body).access_token
+      cb(!token && new Error('missing access token'), token)
+    })
+  })
+
+  req.write(data)
+  req.end()
+  req.on('error', (e) => {
+    cb(e.message)
+  })
+}
+
+module.exports.handler = (event, context, callback) => {
+  authenticate(event.queryStringParameters.code, function (err, token) {
+    if (err) {
+      console.log(err)
+      makeCallback(callback, 'Bad Code', 400)
+      return
+    }
+    axios({
+      url: 'https://api.github.com/user',
+      headers: {
+        Authorization: 'Token ' + token,
+        Accept: 'application/vnd.github.v3+json'
+      }
+    }).then(user => user.data)
+      .then(user => {
+        return storage.findOne(user.id)
+      })
+      .then(user => {
+        if (!user) {
+          makeCallback(callback, 'User not found, please create a Kactus account first', 404)
+          return
+        }
+        return storage.findOrgs(user.orgs).then(orgs => {
+          user.orgs = orgs || []
+          return makeCallback(callback, {
+            ok: true,
+            user,
+            token
+          })
+        })
+      })
+      .catch(err => makeCallback(callback, err.message, 500))
+  })
+}

api/getOne.js

@@ -0,0 +1,40 @@
+function createNewSubscription (stripe, {org, enterprise, coupon, members}) {
+  // create a new subscription
+  return stripe.subscriptions.create({
+    customer: org.stripeId,
+    items: [{
+      plan: enterprise ? 'kactus-enterprise-1-month' : 'kactus-1-month',
+      quantity: members
+    }],
+    coupon: coupon || undefined
+  })
+}
+module.exports.createNewSubscription = createNewSubscription
+
+function updateSubscription (stripe, {org, fromPlan, toPlan, coupon, members}) {
+  // need to update the existing subscription
+  return stripe.subscriptions.list({
+    customer: org.stripeId,
+    plan: fromPlan === 'enterprise' ? 'kactus-enterprise-1-month' : 'kactus-1-month',
+    limit: 100
+  }).then((subscriptions) => {
+    const subscriptionToUpdate = subscriptions.data.find(s => s.status === 'active')
+    if (!subscriptionToUpdate) {
+      return createNewSubscription(stripe, {org, enterprise: toPlan === 'enterprise', coupon, members})
+    }
+    if (toPlan !== fromPlan) {
+      return stripe.subscriptions.update(subscriptionToUpdate.id, {
+        items: [{
+          plan: toPlan === 'enterprise' ? 'kactus-enterprise-1-month' : 'kactus-1-month',
+          quantity: members
+        }],
+        coupon: coupon || undefined
+      })
+    }
+    return stripe.subscriptionItems.update(subscriptionToUpdate.items.data[0].id, {
+      quantity: members,
+      prorate: true
+    })
+  })
+}
+module.exports.updateSubscription = updateSubscription